数据加密

1. RSA 非对称加密

RSA是一种非对称加密算法,简单理解就是两个密钥:一个公钥,一个私钥。
同时它也可以用来签名和验签,正好与加密相反。

    加密:公钥加密,私钥解密;
    签名:私钥签名,公钥验签。
    有意思的是有些人分不清公钥私钥的用处,这里提供一个思路:
    用作加密时,密文泄露是无所谓的(相对而言),重要的是用于解密的密钥必须安全,所以用不公开的私钥来解密,用公钥来加密;
    用作签名时,目的是防止别人伪造我的身份发信息,所以用私钥来签名,用公钥来验签。

1.1 生成公私钥

from Crypto import Random
from Crypto.PublicKey import RSA

random_generator = Random.new().read
rsa = RSA.generate(2048, random_generator)
# 生成私钥
private_key = rsa.exportKey()
print(private_key.decode('utf-8'))

print("-" * 30 + "分割线" + "-" * 30)

# 生成公钥
public_key = rsa.publickey().exportKey()
print(public_key.decode('utf-8'))

1.2 使用私钥签名,公钥验签

from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import MD5
import base64


def RSA_sign(data):
    with open("publickey.pem", "r") as f:
        privateKey = f.read()
    if not privateKey.startswith(b'-----BEGIN PRIVATE KEY-----'):
        private_keyBytes = base64.b64decode(privateKey)
        priKey = RSA.importKey(private_keyBytes)
    else:
        priKey = RSA.importKey(privateKey)
    signer = PKCS1_v1_5.new(priKey)
    hash_obj = MD5.new(data.encode('utf-8'))
    signature = base64.b64encode(signer.sign(hash_obj))
    print(signature)
    res_sign = signature.decode('utf8')
    print(res_sign)
    return signature

def verify(signature,encrData):
    with open("publickey.pem","r") as f:
        publicKey = f.read()
    if not publicKey.startswith(b'-----BEGIN PRIVATE KEY-----'):
        public_keyBytes = base64.b64decode(publicKey)
        pubKey = RSA.importKey(public_keyBytes)
    else:
        pubKey = RSA.importKey(publicKey)
    h = MD5.new(encrData.encode('utf-8'))
    verifier = PKCS1_v1_5.new(pubKey)
    return verifier.verify(h, base64.b64decode(signature))

if __name__ == '__main__':
    encrData ='{"phone":17269558830,"password":LHoOVKha,"timestamp":1611749330857,"appName":"₩テᅠ¥タ゚│ᄡᄋ₩ᆲᄒ"}'
    s = RSA_sign(encrData)
    print(verify(s, encrData))

几个注意事项:

1.密钥如果是读取自.pem文件,密钥会有开始行和结束行,叫做头标注信息和尾标注信息。常见的长这样:

-----BEGIN PRIVATE KEY-----
#密钥内容#
-----END PRIVATE KEY-----
2.此时直接priKey = RSA.importKey(privateKey)(见被注释掉的部分)即可,不用对私钥进行base64解码;
3.哈希算法可以采用MD5,也可以用别的比如SHA;
4.data是需要签名的数据,需要字节化后才能传进MD5.new()中。字节化有三种方法,示例中采用了第三种:

b'zifuchuang'
bytes('zifuchuang',encoding='utf-8')
'zifuchuang'.encode('utf-8')

1.3 公私钥加解密

import base64
import json

from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
from Crypto import Random

publicKey = '''-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2s7rkSg+D439bCOHU/0N
4I6A5IBmUmQscTzGCco8k3i25nRK7yN86pUm12FQ//CRz5Xos3ybMcOCfJ7vpF6Y
BLtzvn8pkyACHdskhus4HSsbB2jFvi888TAeZsTezsEkwc13WW18K6PliwhAF5qp
WBsT7aQZ58c/MFJTOccyOennNDWLkaGBRcNZKvvFkYL55knnwu94cpwE2AgYPd+y
Q3z1mDgSki2kXQ2XH9yHu8cgB3ekRx0ZtD/kY4qDPj5jhJWo1JWG4XBEsqfXSCVA
pOK6VxTMT0p3+1/L9NnNjmQCFuaep0QG27QvHCmpa5MNLwxTuER6w8qdeuhPjIqj
+wIDAQAB
-----END PUBLIC KEY-----'''
#
privateKey = '''-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDazuuRKD4Pjf1s
I4dT/Q3gjoDkgGZSZCxxPMYJyjyTeLbmdErvI3zqlSbXYVD/8JHPleizfJsxw4J8
nu+kXpgEu3O+fymTIAId2ySG6zgdKxsHaMW+LzzxMB5mxN7OwSTBzXdZbXwro+WL
CEAXmqlYGxPtpBnnxz8wUlM5xzI56ec0NYuRoYFFw1kq+8WRgvnmSefC73hynATY
CBg937JDfPWYOBKSLaRdDZcf3Ie7xyAHd6RHHRm0P+RjioM+PmOElajUlYbhcESy
p9dIJUCk4rpXFMxPSnf7X8v02c2OZAIW5p6nRAbbtC8cKalrkw0vDFO4RHrDyp16
6E+MiqP7AgMBAAECggEAeQ+rPjDpxWlmIYK2yT1lhCzUG5j/A+7wt+ZMG/aM9XsA
lxkYrJ8R6iiDyP7K9hCAXD4w9b2nkCz/8Ttuk57StSuRqoBo3EIFacdpukxCS8Eh
v0O0xLkWGsvoxit+qx4p3CB2PEBbRznzMq1p6KVltJ2mtQDqZFbVG0MxUPJpU6iU
WXKclYLIxeVfMMF3My6L9i+IkfurhrgskDrzqar2CwhBN/5FVFovnfwx47U0FWvz
twn/wrF/srilIixoSyizLCz8hBOi/yiHqFokoAiOMVt6qLcdruUma/L6223rxuFK
lMmbd1IlyHdfDhhG1KQygZ6yvFSiCDpFaHAxK1P7AQKBgQD37VHEOHx6mdovZMji
Lc0wAxvRF8aQGeNIdECd5dLdLxsCoXD0ckPueQM8XTPomSqXBICwaPpwzvROfjQH
PwoiglrpxQwyIJ95EwPZ6rU6GAOWytx3wFWLlblqQsBC3uZucl21ViDvgwCmjGex
ssW2RWNqOfVWEskUfQIrgn3l4QKBgQDh7t8azEkZ7T5/jcUIdvUxzqcbmZevMv6U
ZfxCl8U3bVonJpB2hvAJXlK1IXCtvsf2Buf+Xkglb0adwUrGf5QOtMr+bMHYyTTU
4VfuYdW0MAFPSnayVLRw7AIdelj5uLB75/GKZOTenwMP4S4CXLBCAH9z2bMniaL5
dFtFXc2NWwKBgD2Kv11B2ERmpG5XSjY6wFBGtUT17egfRPfbQ57uSaV15/KDOJK1
On+bsl3tlNEMFDJgf8FKjcAq3yIM2cVitJVUXlThAOIAjxVyzuXtCQdepqVrvcZM
C/AWPmxOHYN76R9JbFFzC8HoduTgvWyyv7k7CC56LJgtGZToYv2B6taBAoGAIKhH
hXcb5ex+CS/z2Aph3MYzL3EfFMr5M3geY33Omvlqe5g+b3OHxMLmj5n60JJwEubi
p8j3Aro36dujtFeCjjGh2e7cgjprMY41CJcJrdb2iYCI8bP+tQfYMmyZ6dbBY9ed
+VQmJOu1JJl27g55x8CMq7E/DSr+7LHd84Pgj1sCgYAmrYG7Mw9om+oOfwC2Npj8
HMHG0O7ieSfVVS2RH617/mx0d34O6eWMbpoWLwyKQjA72pxQ58xE+i61r1c0yxFa
zqU/xzoCenQt8zqGJ2DRooFWAvX+1IyPl26nvjExZOtwNUbPWa3lSPxunQvT6kPN
yODYyFiErhJJJw0eEa7L0A==
-----END PRIVATE KEY-----
'''

def pb_encryption(public_key, message):
    """
    公钥加密
    :param publicKey: 公钥字符串
    :param message: 被加密的消息
    :return: 加密后的密串
    """
    publickey = RSA.importKey(public_key)
    enc = PKCS1_v1_5.new(publickey)
    ciphertext = enc.encrypt(message.encode())
    return base64.encodebytes(ciphertext)


def pr_decryption(private_key, en_str):
    """
    私钥解密
    :param private_key: 私钥串
    :param en_str: 密文数据
    :return:
    """

    key = RSA.importKey(private_key)
    dec = PKCS1_v1_5.new(key)

    ciphertext = base64.decodebytes(en_str)

    return dec.decrypt(ciphertext, Random.new().read).decode()

if __name__ == '__main__':
    s = pb_encryption(publicKey, "1")
    print(pr_decryption(privateKey, s))

2. DES秘钥加密

模块安装

pip install pyDes

模块使用

源码参数

# Modes of crypting / cyphering
ECB =	0
CBC =	1

# Modes of padding
PAD_NORMAL = 1
PAD_PKCS5 = 2

代码应用

from pyDes import *

Des_Key = "SDEETT"  # 自定义的字符串

self.Des_IV = "\x15\1\x2a\3\1\x23\2\0"  # 自定IV向量

des(Des_Key, CBC, self.Des_IV, pad=None, padmode=PAD_PKCS5)
        EncryptStr = k.encrypt(tr)
        # EncryptStr = binascii.unhexlify(k.encrypt(str))
        ###  print('注册码:',base64.b64encode(EncryptStr))
        return base64.b64encode(EncryptStr)  # 转base64编码返回
posted @ 2021-11-24 09:19  河图s  阅读(15)  评论(0)    收藏  举报